Did Apple miss major security feature with Snow Leopard?

Discussion in 'macOS' started by Schtibbie, Aug 29, 2009.

  1. Schtibbie macrumors 6502

    Joined:
    Jan 13, 2007
    #1
    http://www.channelregister.co.uk/2009/08/29/snow_leopard_security/

    Can any techie types confirm this? One of the major security features that security experts were hoping would get added to Snow Leopard apparently wasn't - complete ASLR. I think (?) Windows has this presently. NOT TO COMPARE THE TWO across the board, mind you. This is just one piece folks thought they'd fix up this time.
     
  2. rpp3po macrumors regular

    Joined:
    Aug 16, 2003
    Location:
    Germany
    #2
    Yes, the article is accurate. Apple's ASLR implementation is half hearted compared to Vista and 7. ASLR doesn't mean total immunity, but doing it only half way really kind of invalidates the whole concept, when core parts of the system aren't included. Microsoft's reputation for security is much worse today (from <= XP times) than it is justified for current products. Regarding OS level security concepts even Vista was ahead of both 10.5 & 10.6. Of course, Microsoft always finds spots to totally mess things up. And so they wrapped a totally annoying pop-up concept on-top of all this.
     
  3. Schtibbie thread starter macrumors 6502

    Joined:
    Jan 13, 2007
    #3
    Yeah, but I had read elsewhere that the move to 64-bit would let them "hide" their code with ASLR even better than before - so they COULD but they didn't manage to randomize (Address Space Layout Randomization, for folks who don't know) any more stuff than they had in regular Leopard? I guess that's what the security guy in the article was saying. Oh well.
     
  4. xIGmanIx macrumors 6502a

    Joined:
    Dec 21, 2008
    #4
    its unfortunately that they didn't take the time and survey the security scene and its possible future. I am no hacker, however when i think about security, i don't think about apple.
     

Share This Page